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AMENDMENT TO THE CLAIMS 
Please AMEND claim 1 as follows. 
Please ADD claims 12-20 as follows. 

A copy of all pending claims and a status of the claims is provided below. 

1 . (currently amended) A method for checking network perimeter security, said method 
comprising the steps of: 

reviewing security of a network perimeter architecture; 

reviewing security of data processing devices that transfer data across the perimeter of 
the network; 

reviewing security of applications that transfer data across said perimeter; and 
reviewing vulnerability of applications or data processing devices within said perimeter 
from computers or users outside of said perimete r; and 

generating a report concerning security of said perimeter based upon all of the reviewing 

steps . 

2. (original) The method as set forth in claim 1 further comprising the step of reviewing 
security of data processing devices within said perimeter that authenticate computers or users 
outside of said perimeter that request to access an application within said perimeter. 

3. (original) The method as set forth in claim 1 further comprising the step of reviewing 
security of data processing devices that authorize computers or users outside of said perimeter 
that request to access an application within said perimeter. 
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4. (original) The method as set forth in claim 1 wherein the step of reviewing security of 
said data processing devices comprises the step of reviewing security of a web server, an e-mail 
server or an FTP server. 

5. (original) The method as set forth in claim 1 further comprising the step of reviewing 
security of a server within said perimeter that provides data to said data processing devices that 
transfer data across the perimeter of said network. 

6. (original) The method as set forth in claim 1 wherein each of said reviews is performed 
by comparison to a security policy of an enterprise which owns or controls said network. 

7. (original) The method as set forth in claim 1 further comprising the step of determining 
said network perimeter. 

8. (original) The method as set forth in claim 7 wherein said network perimeter comprises 
entries and exits from said network. 

9. (original) The method as set forth in claim 1 wherein said network perimeter comprises 
entries and exits from said network. 

10. (original) The method as set forth in claim 1 wherein the steps of reviewing security 
of a network perimeter architecture, reviewing security of data processing devices that transfer 
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data across the perimeter of the network, and reviewing vulnerability of applications or data 
processing devices within said perimeter from entities outside of said perimeter are performed at 
least in part with a respective program tool. 

1 1 . (original) The method as set forth in claim 1 wherein the step of reviewing security of 
said data processing devices comprises the step of reviewing security of data processing devices 
accessed by users outside of said perimeter. 

12. (new) The method as set forth in claim 1, wherein the reviewing security of data 
processing devices that transfer data across the perimeter of the network comprises categorizing 
components as either control points or non-control points. 

13. (new) The method as set forth in claim 12, wherein the reviewing vulnerability of 
applications or data processing devices within said perimeter from computers or users outside of 
said perimeter comprises: 

testing control points with port scans; and 
testing control points with penetration tests. 

14. (new) The method as set forth in claim 1, further comprising: 
performing a policy review of an enterprise which owns or controls said network; 
defining review parameters based upon the policy review; and 

utilizing the review parameters to perform each of: the reviewing security of a network 
perimeter architecture, the reviewing security of data processing devices that transfer data across 
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the perimeter of the network, the reviewing security of applications that transfer data across said 
perimeter, and the reviewing vulnerability of applications or data processing devices within said 
perimeter from computers or users outside of said perimeter. 

15. (new) The method as set forth in claim 1 , wherein: 

the reviewing security of a network perimeter architecture comprises receiving review 
parameters from a policy review and generating test cases; 

the reviewing security of data processing devices that transfer data across the perimeter 
of the network comprises receiving the review parameters, receiving the test cases, and 
performing the test cases; 

the reviewing security of applications that transfer data across said perimeter comprises 
receiving the review parameters, receiving the test cases, and performing the test cases; and 

the reviewing vulnerability of applications or data processing devices within said 
perimeter from computers or users outside of said perimeter comprises receiving the review 
parameters, receiving the test cases, and performing the test cases. 

16. (new) A computer program product comprising a computer usable medium having a 
computer readable program embodied in the medium, wherein the computer readable program 
when executed on a computing device is operable to cause the computing device to: 

review security of a network perimeter architecture; 

review security of data processing devices that transfer data across the perimeter of the 
network; 

review security of applications that transfer data across said perimeter; 



{P32139 00207738.DOC} 



5 



P32139.A01 END920030045US1 

review vulnerability of applications or data processing devices within said perimeter from 
computers or users outside of said perimeter; and 

generate a report concerning security of said perimeter based upon all said reviews. 

17. (new) The computer program product of claim 16, wherein each of the reviewing 
security of a network perimeter architecture, the reviewing security of data processing devices 
that transfer data across the perimeter of the network, the reviewing security of applications that 
transfer data across said perimeter, and the reviewing vulnerability of applications or data 
processing devices within said perimeter from computers or users outside of said perimeter 
utilize review parameters defined in a policy review of an enterprise which owns or controls said 
network. 

18. (new) A system, comprising: 
a network having a perimeter; and 

a terminal connected to the network and arranged to: 

review security of a network perimeter architecture; 

review security of data processing devices that transfer data across the perimeter 
of the network; 

review security of applications that transfer data across said perimeter; 

review vulnerability of applications or data processing devices within said 
perimeter from computers or users outside of said perimeter; and 

generate a report concerning security of said perimeter based upon all said 
reviews. 
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19. (new) The system of claim 18, wherein the report is based upon data provided by the 
reviewing security of a network perimeter architecture, the reviewing security of data processing 
devices that transfer data across the perimeter of the network, the reviewing security of 
applications that transfer data across said perimeter, and the reviewing vulnerability of 
applications or data processing devices within said perimeter from computers or users outside of 
said perimeter 

20. (new) The system of claim 18, wherein each of the reviewing security of a network 
perimeter architecture, the reviewing security of data processing devices that transfer data across 
the perimeter of the network, the reviewing security of applications that transfer data across said 
perimeter, and the reviewing vulnerability of applications or data processing devices within said 
perimeter from computers or users outside of said perimeter utilize review parameters defined in 
a policy review of an enterprise which owns or controls said network. 
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